The only authentication needed to sync a folder is access to the shared secret. What protects against a brute force attack on these hashes? If you didn't care about which folder you pulled down, couldn't an attacker poll random hashes?<p>Obviously the device would be visible to the other devices, and it would take some time to run through the space - but that seems to be just a matter of time and current tech.